Slashdot Mirror
DNS Poisoning Hits One of China's Biggest ISPs
Support Code writes "ZDNet's Zero Day blog is reporting that a DNS server of one of China's largest ISPs has been poisoned to redirect typos to a malicious site rigged with drive-by exploits. The DNS poisoning attacks are affecting customers of China Netcom (CNC) and are using a malicious iFrame to launch exploits for known vulnerabilities in RealNetworks' RealPlayer, Adobe Flash Player and Microsoft Snapshot Viewer. In this interview with CNet, Dan Kaminsky confirms that attacks are definitely going on in the field."
Because OpenDNS never had the flaw in the first place.
Centralization breaks the internet.
In fact Frosty Post AC has a point.
Chinese speakers (at least in Beijing) often use the word é£ä (neige) as a filler word; much in the same way as 'uh' or 'er' are used in the English language.
For anyone with no understanding of the Chinese language will often be confronted by the words 'nigga, nigga' when walking on the streets of Beijing.
OpenDNS has drawbacks too. They redirect Google.com and all non-existent domains to their own crappy search engine.
Exactly. But there is a workaround. Just sign up for an OpenDNS free account and you can turn their "features" off in your preferences. Once configured OpenDNS works just like normal DNS servers that return NXDOMAIN on unknown domains, which is all I want.
For dynamic IP users like me a bit more work is necessary: find a way to report the IP to OpenDNS so it knows it is you. I use the ddclient daemon to update my IP information to OpenDNS and things are working reasonably well so far.
Colorless green Cthulhu waits dreaming furiously.